This chapter provides information about downloading the Directory Server Enterprise Edition software, and lists the primary installation requirements.
This chapter covers the following topics:
You can download the Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1) software from the Oracle E-Delivery site as follows:
Point your browser to the Oracle E-Delivery site at http://edelivery.oracle.com.
Select the required language and click Continue.
Complete the Export Validation form and click Continue.
On the Media Pack Search page:
Select Oracle Fusion Middleware from the Select a Product Pack list.
Select the required platform and click Go.
Select Oracle Fusion Middleware 11g Media Pack and click Continue.
Select Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1.3.0) and click Download.
Directory Server Enterprise Edition 11g Release 1 (11.1.1) is available in the following distributions.
Native package distribution (for Solaris only)
Zip distribution (for all platforms)
Identity Synchronization for Windows version 6.0 SP1 is bundled with Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1).
Before you install Identity Synchronization for Windows version 6.0 SP1, you must read Installation Instructions for Identity Synchronization for Windows 6.0 Service Pack 1.
This section covers hardware requirements for Directory Server Enterprise Edition software.
Directory Server Enterprise Edition software requires the following hardware.
Component |
Platform Requirement |
---|---|
RAM |
1-2 GB for evaluation purposes Minimum 4 GB for production servers |
Local disk space |
400 MB disk space for binaries. By default, binaries installed from native packages are placed in /opt on UNIX systems. For evaluation purposes, an additional 2 GB local disk space for server software might be sufficient. If you are using Directory Server, consider that entries stored in Directory Server use local disk space. Directory Server does not support logs and databases installed on NFS-mounted file systems. Sufficient space should be provided for the database on a local file system in, for example, /var/opt or /local. For a typical production deployment with a maximum of 250,000 entries and no binary attributes such as photos, 4 GB might be sufficient. Directory Server may use more than 1.2 GB of disk space for its log files. This should be taken into account that 4 GB storage space is only for the databases, not the logs. Directory Server supports SAN disk storage. Before using SAN disk, you need to understand the layout and the design of the disk because the write performance of the system is affected if many applications simultaneously access data from the same disk. Directory Proxy Server does not support installation on NFS-mounted file systems. Sufficient space should be provided for the instance, and for all files used by the instance on a local file system in, for example, /var/opt or /local. Directory Proxy Server can use more than 1.2 GB of disk space for its log files. |
Identity Synchronization for Windows software requires the following hardware.
Component |
Platform Requirement |
---|---|
RAM |
512 MB for evaluation purposes wherever components are installed. More memory is preferred. |
Local disk space |
400 MB disk space for minimal installation alongside Directory Server. |
This section covers operating systems, patches and service packs required to support Directory Server Enterprise Edition component products.
The Directory Server Enterprise Edition software is validated with full installations of the operating systems listed here, not with reduced “base”, “End User”, or “core” installations. Certain operating systems require additional service packs or patches as shown in the following table.
Supported OS Versions for Directory Server Enterprise Edition |
Distribution Type Supported |
Additional Required Software and Comments |
---|---|---|
Solaris 10 U5+ Operating System for SPARC 64-bit and x64 |
Native packages and zip distribution |
The recommended patch clusters available at these sites:
|
Solaris 9 U9+ Operating System for SPARC 64-bit and x86 |
Native packages and zip distribution |
The recommended patch clusters available at these sites:
|
Solaris 10 U5+ Trusted Extension Operating System for SPARC 64-bit and x64 |
Native packages and zip distribution |
The recommended patch clusters available at these sites:
|
Red Hat Enterprise Linux 5 UL3+ Operating System for x64 |
Zip distribution |
No additional patches required. |
Red Hat Enterprise Linux 4 UL8+ Operating System for x64 and x86 |
Zip distribution |
No additional patches required. |
Oracle Enterprise Linux 5 UL3+ Operating System for x64 |
Zip distribution |
No additional patches required. |
SUSE Linux Enterprise Server 10 SP2+ Operating System for x86 and x64 |
Zip distribution |
pam-32bit-9-yyyymmddhhmm.rpm is a prerequisite for cacao to start on x64 systems. |
SUSE Linux Enterprise Server 11 Operating System for x64 |
Zip distribution |
pam-32bit-9-yyyymmddhhmm.rpm is a prerequisite for cacao to start. |
HP-UX 11i(11.23) PA-RISC 64-bit |
Zip distribution |
No additional patches required. |
Microsoft Windows Server 2003 R2+ for x86 and x64 |
Zip distribution |
No additional patches required. |
Microsoft Windows Server 2008 R2 for x86 and x64 |
Zip distribution |
No additional patches required. |
For all supported versions of Microsoft Windows, Directory Server and Directory Proxy Server run only in 32-bit mode, and the filesystem type must be NTFS.
Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1) 32-bit is not supported on 64-bit platforms except Microsoft Windows.
If a new service pack or update for a supported platform is released, Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1) supports that service pack or update.
Identity Synchronization for Windows is not supported on HP-UX and SUSE or Windows 2008, although you can use Identity Synchronization for Windows to synchronize with a Windows 2008 system.
Installations on SUSE Linux Enterprise Server require that you reset several Java environment variables. For more information, see Oracle Fusion Middleware Installation Guide for Oracle Directory Server Enterprise Edition.
Oracle Directory Server Enterprise Edition 11g Release 1 (11.1.1) delivers and supports Java 1.6.
Identity Synchronization for Windows components run on the operating system versions listed here. Certain operating systems require additional service packs or patches as shown in the following tables.
Supported OS Versions for Identity Synchronization for Windows |
Additional Required Software and Comments |
---|---|
Solaris 10 Operating System for SPARCand x86 architectures |
Patches:
|
Solaris 9 Operating System for SPARC and x86 architectures |
Patches:
|
Red Hat Enterprise Linux Advanced Server 4.0 Update 2 for x86 |
The following compatibility libraries are recommended: compat-gcc-32-3.2.3-47.3.i386.rpm compat-gcc-32-c++-3.2.3-47.3.i386.rpm The following compatibility library is required: compat-libstdc++-33-3.2.3-47.3.rpm Even when running Red Hat on a 64-bit system, 32-bit system libraries are installed. These compatibility libraries are available from Red Hat media or https://www.redhat.com/rhn/rhndetails/update/. |
Microsoft Windows 2003 Server Standard Edition |
Service Pack 1 |
Microsoft Windows 2003 Server Enterprise Edition |
Service Pack 1 |
Identity Synchronization for Windows is not supported on SUSE or HP-UX systems.
Directory Server Enterprise Edition Software Dependency Requirements
Supported Application Servers for Directory Service Control Center
Identity Synchronization for Windows Software Dependency Requirements
Identity Synchronization for Windows Requirements in a Firewall Environment
The key software dependency requirements are as follows:
Directory Server relies on the Network Security Services, NSS, layer for cryptographic algorithms. NSS has been validated to work with the Sun cryptographic framework provided on Solaris 10 systems, which supports cryptographic acceleration devices.
On Microsoft Windows systems, you must disable the pop-up blocker to make Directory Service Control Center work properly.
Directory Proxy Server will work with any LDAPv3–compliant directory server, but has been tested only with the directory server component of Directory Server Enterprise Edition.
In Solaris 10, rc.scripts are deprecated so commands like dsadm autostart are not supported. Instead use the Solaris 10 Service Management Facility (SMF) to handle these types of requests. For example, dsadm enable-service. For more information on SMF, see the Solaris operating system documentation.
The Directory Service Control Center supports the following application servers:
GlassFish 3.x
Tomcat 6.0+
Sun Java System Web Server 7.0+
Oracle WebLogic Server 10.3.3
Oracle iPlanet Web Server 7.0.9
For more information, see Appendix A, Deploying the DSCC WAR File, in Oracle Fusion Middleware Installation Guide for Oracle Directory Server Enterprise Edition.
For virtualization, Directory Proxy Server has been validated with the following JDBC data sources, using the drivers mentioned below. Though Directory Proxy Server works with all the JDBC 3 compliant drivers.
JDBC Data Source |
JDBC Driver |
---|---|
DB2 v9 |
IBM DB2 JDBC Universal Driver Architecture 2.10.27 |
Microsoft SQL Server 2005 |
sqljdbc.jar 1.2.2323.101 |
MySQL 5.x |
MySQL-AB JDBC Driver mysql-connector-java-5.0.4 |
Oracle 10g Database |
Oracle JDBC driver 10.2.0.2.0 (See Directory Proxy Server Limitations for more information.) |
JavaDB 10.5.3.0 |
Apache Derby Network Client JDBC Driver 10.5.3.0 |
The following table displays the browsers for each operating system that supports Directory Service Control Center.
Operating System |
Supported Browser |
---|---|
Solaris 10 and Solaris 9 (SPARC and x86) |
Firefox 3.5+ |
Red Hat Linux and SUSE Linux |
Firefox 3.5+ |
HP-UX |
Firefox 3.5+ |
Windows 2003/2008 |
Microsoft Internet Explorer 7 and 8, and Firefox 3.5+ |
Each Directory Server plug-in must be able to reach the Directory Server connector’s server port, which was chosen when the connector was installed. Plug-ins that run in Directory Server Master replicas must be able to connect to Active Directory’s LDAP, port 389, or LDAPS, port 636. The plug-ins that run in other Directory Server replicas must be able to reach the master Directory Server LDAP and LDAPS ports.
Before you can install Identity Synchronization for Windows, you must install the prerequisite Sun Java System software components, including JRE and Message Queue.
No JRE is provided with Identity Synchronization for Windows.
The Identity Synchronization for Windows installer requires J2SE or JRE 1.5.0_09. For more information, go to http://java.sun.com.
Identity Synchronization for Windows requires the installation and configuration of Message Queue 4.3, which is available from Oracle Software Downloads. Select Sun Downloads A-Z Listing and navigate to Message Queue 4.3.
Message Queue 3.7 (delivered as a Java Enterprise System shared component) is also supported.
When you install Identity Synchronization for Windows, you must specify the path to the correct version of Message Queue. The Identity Synchronization for Windows installation program then installs a required broker into Message Queue, so that Identity Synchronization for Windows can use Message Queue for synchronization.
You can run Identity Synchronization for Windows in a firewall environment. The following sections list the server ports that you must expose through the firewall.
By default, Message Queue uses dynamic ports for all services except for its port mapper. To access the Message Queue broker through a firewall, the broker should use fixed ports for all services.
After installing the core, you must set the imq.<service_name>.<protocol_type>.port broker configuration properties. Specifically, you must set the imq.ssljms.tls.port option. Refer to the Message Queue documentation for more information.
The Identity Synchronization for Windows installer must be able to communicate with the Directory Server acting as the configuration directory.
If you are installing an Active Directory connector, the installer must be able to contact Active Directory’s LDAP port, 389.
If you are installing a Directory Server connector or a Directory Server plug-in (subcomponent), the installer must be able to contact the Directory Server LDAP port, default 389.
The Message Queue, system manager, and command line interface must be able to reach the Directory Server where the Identity Synchronization for Windows configuration is stored.
The Identity Synchronization for Windows console must be able to reach the following:
Active Directory over LDAP, port 389, or LDAPS, port 636
Active Directory Global Catalog over LDAP, port 3268, or LDAPS, port 3269
Each Directory Server over LDAP or LDAPS
Administration Server
Message Queue
All connectors must be able to communicate with Message Queue.
In addition, the following connector requirements must be met.
The Active Directory connector must be able to access the Active Directory Domain Controller over LDAP, port 389, or LDAPS, port 636.
The Directory Server connector must be able to access Directory Server instances over LDAP, default port 389, or LDAPS, default port 636.
This section covers privileges or credentials required for installation of Directory Server Enterprise Edition component products.
When installing Directory Server Enterprise Edition from a native package distribution on Solaris systems, you must install as root.
You can install Directory Server Enterprise Edition from the zip distribution without special privileges. For more information, see the Oracle Fusion Middleware Installation Guide for Oracle Directory Server Enterprise Edition.
To install Identity Synchronization for Windows, you must provide credentials for the following.
Configuration Directory Server.
Directory Server being synchronized.
Active Directory.
See Chapter 3, Installing Core, in Sun Java System Identity Synchronization for Windows 6.0 Installation and Configuration Guide for details.
In addition, you must have the following privileges to install Identity Synchronization for Windows.
On Solaris and Red Hat systems, you must install as root.
On Windows systems, you must install as Administrator.
When you enter passwords by using the text-based installer, the program automatically masks the passwords so passwords are not echoed in the clear. The text-based installer is supported on Solaris and Red Hat systems only.
Installation of Identity Synchronization for Windows in a virtualized environment is not supported.
On Windows 2003 Server, the default password policy enforces strict passwords.
Before you install Identity Synchronization for Windows, please read Chapter 2, Preparing for Installation, in Sun Java System Identity Synchronization for Windows 6.0 Installation and Configuration Guide and Installation Instructions for Identity Synchronization for Windows 6.0 Service Pack 1.